CloudPassage9
Q3. What are the key elements to consider when securing workloads at the container level?
Mitch Bishop
automation for one; orchestration has to be seamless with provisioning tools
anshu pande
Since both Container and Host share a lot of Host Hardware , we need to consider a lot to just securing workloads #securedocker
Eric Hoffmann
is it a decision point to focus securing efforts on the base-image vs per container? #securedocker
anshu pande
Will a #ghost like vulnerability in containers makes our host machines Vulnerable? #SecureDocker
Amrit DePaulo
.@anshupande if there is access to the container, which is highly likely, than an application level vuln or vuln in the shared services of the host will make the container vulnerable to exploit #securedocker
Daniel Walsh
Correct if your container gets hacked, you have to make sure that it is confined into the container.
Eric Hoffmann
@cloudpassage @anshupande I was able to exploit shellshock in an example app and get container access. I didn't try to access the host though was out-of-scope for my purposes #securedocker
Daniel Walsh
You need the best tools to wrap the container with security, See my articles on containing containers.
Amrit DePaulo
.@rhatdan you should provide the links, they were good articles
Daniel Walsh
Article 3 and 4 have been written and are going through the publishing process now.